SuSE-SA:2004:017: kernel

low Nessus Plugin ID 13833

Synopsis

The remote host is missing a vendor-supplied security patch

Description

The remote host is missing the patch for the advisory SuSE-SA:2004:017 (kernel).


The Linux kernel is vulnerable to a local denial-of-service attack.
By using a C program it is possible to trigger a floating point exception that puts the kernel into an unusable state.
To execute this attack a malicious user needs shell access to the victim's machine.
The severity of this bug is considered low because local denial-of- service attacks are hard to prevent in general.
Additionally the bug is limited to x86 and x86_64 architecture.

Solution

http://www.suse.de/security/2004_17_kernel.html

Plugin Details

Severity: Low

ID: 13833

File Name: suse_SA_2004_017.nasl

Version: 1.14

Agent: unix

Published: 7/25/2004

Updated: 1/14/2021

Supported Sensors: Continuous Assessment, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Low

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: Host/SuSE/rpm-list

Reference Information

CVE: CVE-2004-0554